Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/YKfK11Z_V7Ow4TlaAC0BbV4kvsE.roa
File: YKfK11Z_V7Ow4TlaAC0BbV4kvsE.roa (raw, json)
Hash identifier: PQPk733I9qECXTWQmoErucT1n8JgeA2td1CgKCORhg4=
Subject key identifier: 60:A7:CA:D7:56:7F:57:B3:B0:E1:39:5A:00:2D:01:6D:5E:24:BE:C1
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E6E70F7A03038EDFC8DB073E00E1E3BC7
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/YKfK11Z_V7Ow4TlaAC0BbV4kvsE.roa
Signing time: Thu 28 May 2026 11:55:57 +0000
ROA not before: Thu 28 May 2026 11:55:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203048
IP address blocks: 82.108.194.0/24 maxlen: 24
82.109.144.0/24 maxlen: 24
87.84.79.0/24 maxlen: 24
212.134.182.0/24 maxlen: 24
212.134.237.0/24 maxlen: 24
212.135.140.0/24 maxlen: 24
212.135.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:70:f7:a0:30:38:ed:fc:8d:b0:73:e0:0e:1e:3b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 28 11:55:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60a7cad7567f57b3b0e1395a002d016d5e24bec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:61:4c:98:15:97:6e:aa:b7:3b:35:a9:8b:
60:61:b7:f5:20:50:84:7c:34:41:49:02:5d:9e:7b:
88:bf:8f:b2:bd:f1:6c:5f:8b:34:b4:a3:4a:fd:f6:
18:94:ce:ab:fd:24:90:ad:6f:10:48:ae:28:f8:96:
61:84:19:78:2f:28:8c:39:2e:6f:6f:fd:fc:9a:fa:
3a:c9:46:87:cc:48:46:6c:74:23:f1:4d:5c:17:2a:
59:41:03:ef:0a:38:3f:eb:3d:1b:18:78:a9:94:14:
3a:d2:7d:07:31:67:79:36:f5:7b:3f:b1:f5:d5:fe:
b5:be:86:17:cf:5f:41:d5:2b:96:c7:8e:25:9e:66:
65:5e:05:41:14:f5:6d:4e:9e:79:22:95:b1:f9:0d:
6b:e5:e2:00:d7:12:a1:32:4a:19:96:f2:ae:75:73:
9c:31:57:ca:31:59:e5:f9:e4:2d:f9:d6:25:c1:16:
4e:3a:ac:5c:50:6a:bf:de:88:f1:9f:cb:62:4b:07:
32:8d:86:28:67:95:f6:5b:80:a0:53:30:51:39:26:
d2:83:9a:a4:85:cc:6f:6b:3c:58:f2:03:dd:c2:81:
c7:0f:ed:30:1b:c1:6c:84:b8:9a:5e:74:cf:4b:4d:
c1:d0:4f:de:7a:ed:7a:27:d1:30:3f:f4:47:4a:02:
95:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A7:CA:D7:56:7F:57:B3:B0:E1:39:5A:00:2D:01:6D:5E:24:BE:C1
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/YKfK11Z_V7Ow4TlaAC0BbV4kvsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.194.0/24
82.109.144.0/24
87.84.79.0/24
212.134.182.0/24
212.134.237.0/24
212.135.140.0/24
212.135.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:02:ca:fd:08:e1:b4:37:a6:05:21:ef:6d:03:89:8b:29:b2:
c5:6a:4b:65:10:fe:dd:74:d8:6e:0a:02:7c:22:f1:4b:d3:1c:
af:37:54:93:be:2f:05:69:3c:d1:8e:72:66:54:9f:e2:59:60:
70:c7:6d:aa:d6:84:98:8c:9b:19:ce:a6:35:a2:58:0c:76:aa:
b3:3e:e7:4d:d2:d2:1e:36:c3:2a:d5:52:6a:fa:c0:ac:3f:e0:
a8:9c:63:6d:10:42:27:80:eb:3b:10:75:f7:07:be:9b:9c:3f:
f0:5d:52:67:d8:c4:bd:a0:1c:69:60:6d:09:2e:9f:60:04:13:
32:e3:e8:a6:23:83:e0:bf:29:6a:c5:79:90:f7:88:9f:16:03:
75:13:f6:78:b0:66:b4:a0:39:54:21:41:3c:60:c6:56:ec:4a:
56:f4:d4:38:49:a3:20:69:30:b2:2e:e0:46:74:c8:1b:56:30:
44:b2:3f:4e:65:07:37:e4:e4:50:21:40:9b:14:80:62:54:8e:
3c:c5:ec:fa:ed:27:38:18:ef:be:6c:6f:19:bf:52:b9:e5:48:
87:d0:47:49:29:e7:30:6f:95:39:fe:40:0c:f4:ff:4b:b4:ca:
44:34:6a:8a:9a:84:72:66:63:a8:d5:d8:67:4d:de:d7:55:eb:
10:2c:96:3b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5ucPegMDjt/I2wc+AOHjvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTI4MTE1NTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE3Y2FkNzU2N2Y1N2IzYjBlMTM5NWEwMDJkMDE2ZDVlMjRiZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFdhTJgVl26qtzs1qYtgYbf1IFCE
fDRBSQJdnnuIv4+yvfFsX4s0tKNK/fYYlM6r/SSQrW8QSK4o+JZhhBl4LyiMOS5v
b/38mvo6yUaHzEhGbHQj8U1cFypZQQPvCjg/6z0bGHiplBQ60n0HMWd5NvV7P7H1
1f61voYXz19B1SuWx44lnmZlXgVBFPVtTp55IpWx+Q1r5eIA1xKhMkoZlvKudXOc
MVfKMVnl+eQt+dYlwRZOOqxcUGq/3ojxn8tiSwcyjYYoZ5X2W4CgUzBROSbSg5qk
hcxvazxY8gPdwoHHD+0wG8FshLiaXnTPS03B0E/eeu16J9EwP/RHSgKVNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGCnytdWf1ezsOE5WgAtAW1eJL7BMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvWUtmSzExWl9WN093NFRsYUFDMEJiVjRrdnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUmzCAwQA
Um2QAwQAV1RPAwQA1Ia2AwQA1IbtAwQA1IeMAwQA1IeXMA0GCSqGSIb3DQEBCwUA
A4IBAQCcAsr9COG0N6YFIe9tA4mLKbLFaktlEP7ddNhuCgJ8IvFL0xyvN1STvi8F
aTzRjnJmVJ/iWWBwx22q1oSYjJsZzqY1olgMdqqzPudN0tIeNsMq1VJq+sCsP+Co
nGNtEEIngOs7EHX3B76bnD/wXVJn2MS9oBxpYG0JLp9gBBMy4+imI4PgvylqxXmQ
94ifFgN1E/Z4sGa0oDlUIUE8YMZW7EpW9NQ4SaMgaTCyLuBGdMgbVjBEsj9OZQc3
5ORQIUCbFIBiVI48xez67Sc4GO++bG8Zv1K55UiH0EdJKecwb5U5/kAM9P9LtMpE
NGqKmoRyZmOo1dhnTd7XVesQLJY7
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:43 2026 by rpki-client